By
Nick Lewis - Internet2 Program Manager
Estimated reading time: 7 minutes
Internet2 is a supporter of Cybersecurity Awareness Month (CSAM) and has many cybersecurity opportunities for the community to get engaged with throughout the year. In line with this year’s theme for CSAM, Securing Our World, four key behaviors are being encouraged:
- Use strong passwords and a password manager
- Turn on multifactor authentication
- Recognize and report phishing
- Update software
Internet2 has resources or activities on using strong passwords via federated identity, using password managers, and multifactor authentication.
I talk with people in the community regularly, and they’re always interested in what’s going on, but it’s so hard to keep up with everything! As part of CSAM this year with, we’re highlighting for the community the Internet2 cybersecurity related activities and resources available to the research and education community for protecting your campus and research and furthering your professional development.
Internet2 works with our partners at EDUCAUSE and the REN-ISAC on cybersecurity in higher education as well as running programs that higher education institutions and the research community can use in securing their organizations.
Internet2 has cybersecurity woven throughout the organization and the work we do with the community as it is integrated through the community. Internet2 cybersecurity resources and activities include the growing Minority Serving Cyberinfrastructure Consortium, network, trust and identity, cloud services, community events, and research activities.
Internet2 supports our members’ cloud journeys with a focus on enabling cloud access, supporting security and management needs, and fostering communities of practices. The Internet2 NET+ Program provides a portfolio of community-evaluated cloud services to higher education institutions as a key part of many campus cloud and cybersecurity programs. In 2023, we launched a new NET+ Kion service that may be of interest to campus cybersecurity teams for managing security and compliance for IaaS services. We also have key IAM content critical for securing IaaS included in the Cloud Learning and Skills Sessions (CLASS) for research IT on campus.
We also have made significant developments on the Cloud Scorecard with 50+ services in the directory for campuses to use for screening cloud services, including pointers to HECVATs, IT accessibility, identity, privacy, and other important aspects of cloud services. The NET+ program has two services campuses can use to directly support enabling multifactor authentication with the NET+ Duo program and a password manager with the NET+ LastPass program. We have heard from the community about how challenging it has become to manage the ever increasing number of cloud services on campus. In response, we sponsored a vendor management working group to develop and document best practices to share with the community and Internet2 NET+ Program, which will be crucial for a service evaluation in vendor risk management. Lastly, on October 18 AWS’s Solution Architect Chris Kuehn gave a presentation on AWS Security Lake as part of the regular series of subscriber events hosted by the NET+ AWS program.
Minority Serving – Cyberinfrastructure Consortium
The Minority Serving – Cyberinfrastructure Consortium (MS-CC) has grown significantly in the last year. The MS-CC has focused on building a trusted community and hosting cyberinfrastructure workshops for that community. They have continued to host workshops around the country to build community while focusing on workforce development, research acceleration, and sharing of resources. These activities are critical for everyone to make a difference building capacity on their campuses and in the community. These activities resulted in launching a Cybersecurity Community of Practice on October 10, 2023, led by Trusted CI and North Carolina A&T State University.
Designed for the demanding requirements of data-intensive research and supporting the advanced campus and cloud computing needs of the research and education community, the Internet2 Network provides the performance, resiliency, security, and capabilities demanded by the most advanced applications and networks.
As part of this, Internet2 has several network security activities for the community to get engaged with, including a Network Security Special Interest Group focused on network security, a continued focus on routing integrity to implement the “routing security easy button” because of the indispensable nature of the network, and a DDoS Mitigation Service for campuses to adopt to protect their networks along with our internal network security efforts to protect the Internet2 backbone network.
Trust and Identity
Through InCommon, Internet2 provides a community- built and driven access management infrastructure and related Trusted Access Platform that supports academic mission and collaborative research across the U.S. and globally. To learn more about how your peers are using these tools, come to events, watch the recordings from BaseCAMP, participate in InCommon Academy training, or get involved in the InCommon Collaboration Success Program.
There are also ongoing opportunities to get involved with InCommon’s efforts to facilitate cybersecurity cooperation, most notably its 2nd annual cybersecurity cooperation exercise taking place this fall. Earlier this year, InCommon kicked off InCommon Futures2, a strategic planning project being undertaken by the Steering Committee to help guide a vibrant future for InCommon and explore the identity and access management (IAM) challenges facing the research and higher ed community.
While so much community work continues to be accomplished by video conference, email lists, and wikis, our virtual community events have kept the entire community together while we have restarted in-person events like the Technology Exchange with information security focused sessions and Community Exchange. These virtual and in-person events are invaluable as a place for getting updates from the community on the most current cybersecurity topics.
Internet2 events provide critical opportunities for our expanding and diverse community to work together, share, and discuss common challenges and opportunities. Participants at our various events represent the complete spectrum of the global Internet2 community—including university, industry, and affiliate members as well as government agencies and regional and international partners.
Cybersecurity is at the very core of the Internet2 community’s ability to collaborate, define, test, and deploy advanced technologies that advance research and scholarship. Internet2 has working groups and many other ways for campuses to get involved in advancing cybersecurity across the community. These activities support campuses taking a risk-based approach to protect their campuses, learn from their peers, and focus on the behaviors most important to their organizations. We’d love to hear your thoughts around cybersecurity and Internet2. Reflect on ways your own institution is enhancing security by connecting with us on Linkedin and #CybersecurityAwarenessMonth or directly contacting and sharing how you participated in CSAM. Feel free to reach out to me if you have any questions or suggestions! We appreciate the contributions the research and higher ed community makes to help secure our world.
ICYMI
About the Author(s)
Nick Lewis (CISSP) is a Program Manager for Security and Identity. Nick has held positions at Michigan State University, the University of Michigan, Children’s Hospital Boston, and was ISO at Saint Louis University. Nick holds an MS in Information Assurance from Norwich and Telecommunications from MSU.